Login 100 times on one identical Skype account. Oh great that multiple simultaneous login feature...
Ah jeezes the existence of that "feature" bugs me. I really hate the fact that there is no option to switch it off. Here is my thoughts.
1. the multiple / simultaneous login features gives the user not notification. So you will never know who else is logged in. Only knowing that that is possible really sucks. It does.
2. if somebody registers an existing user-name-combination like : user-name_. or user-name_ or similar you will be probably impersonated. There is also no field to mention that you are a company or an individual.
3. there is not proper authentication in Skype. anybody can be anybody. the account are not easily managed/deleted. What about creating administrator for company accounts ?
4. Maybe the FBI told Skype leave the dual simultaneous login feature active in order to provide easy eavesdropping. 
5. anybody that knows or guesses your email-address (a kid can do it) can reset your password via the public skype account page. I call that a total lack of judgement on the matter of security and proper standard operating procedures. Who created the blueprint for that ?
6. the email-reset induces a clear-text email with your password and login mentioned. any basic hacker can intercept that. Meaning : the reset won't lead to anything. if the breach of security happened at the level of email-intercept (like with Snort, Etherral or heavier tools like Bruteforce) it won’t help a bit. The point is that the user has no notification whatsoever on who is logged on your account. Any corrupt or curious help-desk-agent or IT-support that manages a mail-server could cause the problem. A smart secretary with a grunch could it.
The solution is maybe to implement a feature like Skype did in the 2.0.0.71 (for the web-status-visibility-button) that allows the user to disables or enable multiple login feature. Most affiliate systems for example will send you an email with the IP number that logged on to a control panel during the last visit. The advice might be to have all internal and external procedures to be revised and tested by professionals on that matter.
I am looking forward to it.
for the point 4, I do not see how eavesdropping is possible... it is probably a joke ? Communications are between two clients, and it is not possible ot add a third one, in particular if it has the same username. Since you felt like bashing the Skype security in a quite rude way, this is stupid to write such a naive remark in the same page : it just shows that you did not study the issue.
Other comments coming... next time try to be more rigorous while talking about security.
Posted by: Henri | February 03, 2006 at 09:17 AM
naive remarks.. hm.. maybe one should read a bit more close on the studies that claim they can and have done it. it's not about bashing up anything by the way. proove wrong and show me that it is not possible. it is not because i make some observations here that this is to be perceived as rude bashing up. if you look around on you on the internet you will much harder statements than mine.
Posted by: joke | February 03, 2006 at 11:12 AM
Actually is not naive, you are right, I've tested it and you can log on on two machines in the same time and content gets sent to both of them.
I am very concerned about this as well, check my post at http://forum.skype.com/viewtopic.php?t=1156
Posted by: Sn3f3ru | June 01, 2006 at 01:17 AM